Closed rsahita closed 6 months ago
That is not the case - if a device is allowed to directly DMA from confidential memory (which is assigned to a TVM), it has to be a TEE-IO capable device (even for non-PCIe onchip devices) -- though the TEE-IO requirements for on-chip devices may be a lower bar (for e.g. no link encryption/integrity may be required)
closing this one (explanation in the prev. comment). cc @ozkoyuncu
Reference: link
There may also be non TEE-IO compliant devices assigned to a TVM (e.g. non-PCIe onchip devices).